A control (i.e., a base control or a control enhancement), as defined in [NIST SP 800-53], that applies one or more cyber resiliency techniques or approaches or that is intended to achieve one or more cyber resiliency objectives.

Source: NIST SP 800-160 Vol. 2 Rev. 1 | Category: